As DoD builds its first mobile infrastructure, officials try to avoid past mistakes

Jared Serbu reports.

The Defense Department is in the first stages of implementing a mobile technology
infrastructure that will serve the entire military. As they set down that path,
officials say they desperately want to avoid repeating the practices military
services used when they built their traditional wired networks.

According to an oft-cited figure from U.S. Cyber Command, approximately 15,000
individual network enclaves exist within DoD, each of which grew up according to
its own standards, leading to a mishmash of IT that's extremely expensive to
manage and almost impossible to secure. The Pentagon has only begun to unwind
those stovepiped networks by closing down data centers, terminating boutique
applications and pointing itself toward a future state known as the Joint Information
Environment.

When it comes to mobility, that's a headache DoD would rather not repeat.

"We are not going to go out and do mobility on our own," said Gary Blohm, the
director of the Army's architecture integration center. "We had tons of mobility
pilots. Everyone had one, and everyone was trying to do our own thing. There's a
balance between allowing innovation and centralization, but one of the things we
decided to do from an enterprise perspective was focus with our partners in the
Defense Information Systems Agency, centralize our efforts there with them as the
supplier, so we could move faster on mobility."

Once the centralized mobile infrastructure, including a single mobile device
management system and a DoD app store, reaches initial operational capability, the
military services will assume the responsibility for funding the mobility
infrastructure and help to define its requirements, but it will continue to be
operated as a service by DISA, Blohm told a mobility symposium organized by
AFCEA's Bethesda chapter.

"One of the challenges we've had with multiple services was that everybody wants
to do it their way and have control over it," said Brian Teeple, the principal
director for command, control, communications and computers, and information
infrastructure in the DoD CIO's office. "But the budget environment has helped in
that sense. When we do the (return on investment) calculations, where we're seeing
our savings is instead of doing things four times, doing it once. It's also safer
for security, because every time someone does something a little bit differently,
it introduces one more vulnerability."

Beyond managing devices and apps at the DoD enterprise level, the Army's Blohm
said the commercial-centric mobile infrastructure needs to be highly secure, but
it also needs to be based on a single, common computing environment and be device-
agnostic.

"People come to us sometimes and say, 'I have a hardware solution to your problem.
I'll build you a device, it'll look like a commercial device, but the hardware
will really secure things for you.' We don't believe that's the right way to go.
We can't keep up with the commercial industry that way," he said. "We think we
need to do the security by software. And we can't pick a device for our leaders.
If we bring them an iPhone, somebody in the room is going to say, 'no, I want a
Samsung.' Then if we say, okay, we'll go Samsung, somebody else is going to say,
'no, no, I want an iPhone.' And what they want today is going to be different from
what they want tomorrow. So our challenge is to keep pace with that. That's why
this device agnostic architecture is so important to us. We need to keep up with a
security approach that lets us keep up with commercial and not do something
different and unique just for us."

But Blohm says even though the Army wants soldiers to be able to use mobile
devices at work with the same ease-of-use and functionality they've gotten used to
in their personal lives, the military still has a long way to go. In pilots thus
far, he says devices have needed to have many of their functions disabled for
security purposes.

"People tell us, 'OK, you've given me a commercial device, but it's not that
device anymore because once I go into the secure section, all I can basically do
is look at email. It's basically a BlackBerry with a nice screen,'" he said. "So
we need to open that up, and for us it's a really big balancing act. We have to be
the bad people sometimes that tell folks, 'I'm sorry, but you have to authenticate
with a common access card.' We have to do things in a secure fashion. People want
to think first about the user functionality side, but they tend not to think about
security until bad things happen. As we provide more mobile services, both for the
tactical side and for the generating force, we still need to do these things."

Blohm says as the Army tries to rationalize the rest of its networks, close data
centers, shut down legacy applications and move network technology to lower
echelons of Army units, it's applying the same software-centric attitude it's
using for mobility. He said the Army wants to stop building specialized IT
platforms to meet specific missions and move toward agile, well-designed software
that runs on off-the-shelf hardware.

"We're trying to get to a place where I don't build a device if I want to do blue
force tracking. I build an app to do that, and put it onto a common computing
environment," he said. "It really changes the culture about how we acquire things,
and it's one of the biggest challenges we have in our acquisition community. But
I'll tell you that our acquisition leadership is all over that, and we're making
progress every day."